Posted June 5, 20178 yr Quote We’re one week away from the launch of the second LabyREnth Capture the Flag (CTF) challenge! It’s time to give all you players some more details on what you’re going to see next week. We’ve got five tracks this year, and they’re a little different from last year. The skills we’ll be focusing on this year are the following: Working with binaries (PE files, ELF files, Mach-O files, etc.) Working with documents (MS Office Files, PDF Files, etc.) Working with Mobile and IOT files (iOS, Android, ARM, MIPS, etc.) Understanding the Threat Landscape (Yara, Networking, Intel, etc.) Programming While you’re in the LabyREnth, look out for some other challenges hidden throughout the CTF. Complete them quickly and you could win one of our individual first to solve prizes (tablets, VR equipment, etc.). Or just finish challenges in the five tracks to win some of the $32,000 in cash prizes we’re giving away this year! The overview, rules, and most importantly prize structure can all be seen at http://labyrenth.com. We’ve selected these tracks and challenges as we believe they form the cross-section of skills necessary to be a solid security researcher. We’ll be revealing hints and more information about the challenges throughout the CTF. We look forward to seeing you at 4pm PST on June 9! Official site: http://labyrenth.com/Announcement: https://researchcenter.paloaltonetworks.com/2017/04/unit42-labyrenth-ctf-2017/
June 6, 20178 yr Unfortunately for that weekend I have some other plans in "real life". So, I'll take part in it but only starting on Monday.. Last year it was THE best CTF challenge I tried, so I can wholeheartedly recommend it to everyone.
June 10, 20178 yr Did anyone try to run the first windows executable in windows 7 x32? Am I the only one who gets a crash?
June 11, 20178 yr 23 hours ago, evandrix said: i'm stuck on Document #3 - got the images from usb.pcap, then what? nvm, solved it~
June 11, 20178 yr Author Someone can give an hint on programming level 3? I can't find any logic strategy for this. It seems completely random
June 12, 20178 yr It's an odd one... did you figure it out? The paths are obviously walkable, and you can turn corners, but it seems to be randomly generated and empty apart from the ascii when you hit a wall. Most 'mazes' are just L-shaped for me There is an odd thing where you can get stuck and no matter how much you turn, it's just walls.... not sure if that is significant? The hint says that the game is a 'cheater' and that the move from 1st to 3rd person is tricky.... Edited June 12, 20178 yr by Loki
June 12, 20178 yr Author Absolutely not i am stucked with that, i leaved it there and working on other tracks. Yes when you hit a wall ascii is printed. I saw also the 'bug' when you are stucked and there are only closed walls in each direction, in that case i just reboot the python because you can do everything but you will never exit from that damned walls. I sincerely can't find a tactic to defeat that, it seems completely without a logic... and very annoying.
June 12, 20178 yr Well I don't have much time to do these challenges because of university but I've already solved binary #1 in my free time and I think this time either the challenges are way harder or I'm just out of practice.. But still they are fun to solve and I will do my best to solve atleast all binary ones if possible..
June 13, 20178 yr Any help on '%easymath%' ? It seems like 'Final part' ends in an exception(intentional?). @xoring, I think it is tricky . regards, Br. akkaldama Edited June 13, 20178 yr by akkaldama
June 13, 20178 yr @Castor: yep, first challenges of binary track are more difficult. No more base64 or xor, it's proper reversing this year. Other tracks aren't that hard. @akkaldama: there shouldn't be an exception.
June 13, 20178 yr for Documents #04, do i have to bruteforce the RC4 key? using the one provided to decrypt gives a non-ASCII-only string...
June 13, 20178 yr @kao you mean after Binary #2? Well I will sit down later and complete it, I currently only know pieces of it but no idea on how to get the correct flag, if I just have to edit the .exe or code my own program to get the correct flag but hey that's what makes it fun
June 13, 20178 yr 10 hours ago, evandrix said: for Documents #04, do i have to bruteforce the RC4 key? using the one provided to decrypt gives a non-ASCII-only string... check your key length@kao the document track is also way more difficult, which seems to be the case for all tracks Edited June 13, 20178 yr by Mr. J
June 13, 20178 yr 14 minutes ago, Mr. J said: check your key length !@#$% sneaky problem author~!! Edited June 13, 20178 yr by evandrix
June 14, 20178 yr @evandrix: I got stuck at the same place. Solved now, but my emotions were exactly the same..
June 17, 20178 yr @Etor Madiv: did you read the hint that was given together with the task? Hint: Alice, follow the clockmaker into the rabbit hole -> labytime.com .
June 17, 20178 yr After finishing docs... Quote You see @evandrix sitting in the corner of the room. Just wanted to say hi! Edited June 17, 20178 yr by kao
June 17, 20178 yr 11 hours ago, kao said: @Etor Madiv: did you read the hint that was given together with the task? . @kao I read the hint but i didn't get the point, it is mysterious maybe.
June 17, 20178 yr @Etor Madiv: Spoiler labytime.exe generates flag which you need to submit to labytime.com. Unfortunately, the flag expires very fast..
June 17, 20178 yr 48 minutes ago, kao said: @Etor Madiv: Reveal hidden contents labytime.exe generates flag which you need to submit to labytime.com. Unfortunately, the flag expires very fast.. @kao Spoiler So the algorithm that generate the PAN{hash} must be reused to send that quickly via a post request ? because I thought that the flag is something that does not begin with PAN{
June 17, 20178 yr Author @Etor Madiv Spoiler You should just be faster. You can send it or just copy and paste it on the website but you must be fast!
Create an account or sign in to comment